From 3c8d842e3b6d65c06e043e85c74f79ead5519b7a Mon Sep 17 00:00:00 2001 From: Wolfgang Hottgenroth Date: Tue, 30 Jan 2024 12:23:48 +0100 Subject: [PATCH] oidc added --- deployment/deploy-yml.tmpl | 26 +++++----- deployment/oidc-config.json | 4 +- src/Run.py | 95 ++++++++++++++++++++++--------------- 3 files changed, 71 insertions(+), 54 deletions(-) diff --git a/deployment/deploy-yml.tmpl b/deployment/deploy-yml.tmpl index ada1c1f..49d14a1 100644 --- a/deployment/deploy-yml.tmpl +++ b/deployment/deploy-yml.tmpl @@ -1,25 +1,25 @@ apiVersion: apps/v1 kind: Deployment metadata: - name: oidc-python-example + name: nutri labels: - app: oidc-python-example + app: nutri spec: replicas: 1 selector: matchLabels: - app: oidc-python-example + app: nutri template: metadata: labels: - app: oidc-python-example + app: nutri spec: containers: - - name: oidc-python-example + - name: nutri image: %IMAGE% envFrom: - secretRef: - name: secrets + name: nutri-secrets ports: - containerPort: 8080 protocol: TCP @@ -27,11 +27,11 @@ spec: apiVersion: v1 kind: Service metadata: - name: oidc-python-example + name: nutri spec: type: ClusterIP selector: - app: oidc-python-example + app: nutri ports: - name: http targetPort: 8080 @@ -40,23 +40,23 @@ spec: apiVersion: networking.k8s.io/v1 kind: Ingress metadata: - name: oidc-python-example + name: nutri annotations: cert-manager.io/cluster-issuer: letsencrypt-production-http spec: tls: - hosts: - - oidc-python-example.hottis.de - secretName: oidc-python-example-cert + - nutri.hottis.de + secretName: nutri-cert rules: - - host: oidc-python-example.hottis.de + - host: nutri.hottis.de http: paths: - path: / pathType: Prefix backend: service: - name: oidc-python-example + name: nutri port: number: 80 diff --git a/deployment/oidc-config.json b/deployment/oidc-config.json index b587893..49a1780 100644 --- a/deployment/oidc-config.json +++ b/deployment/oidc-config.json 
@@ -2,10 +2,10 @@ "web": { "issuer": "https://auth2.hottis.de/realms/hottis", "auth_uri": "https://auth2.hottis.de/ealms/hottis/protocol/openid-connect/auth", - "client_id": "oidc-python-example", + "client_id": "nutri", "client_secret": "%CLIENT_SECRET%", "redirect_uris": [ - "https://oidc-python-example.hottis.de/*" + "http://localhost:8080/*" ], "userinfo_uri": "https://auth2.hottis.de/realms/hottis/protocol/openid-connect/userinfo", "token_uri": "https://auth2.hottis.de/realms/hottis/protocol/openid-connect/token" diff --git a/src/Run.py b/src/Run.py index 9d3546a..020ee9a 100644 --- a/src/Run.py +++ b/src/Run.py @@ -1,11 +1,24 @@ -from flask import Flask, request, render_template, jsonify, redirect, url_for +from flask import Flask, request, render_template, jsonify, redirect, url_for, g import sqlite3 +from flask_oidc import OpenIDConnect +from werkzeug.middleware.proxy_fix import ProxyFix +import os +import json app = Flask(__name__) app.config.update({ - 'SECRET_KEY': "fdsgffdgretfsdgfsf" + 'SECRET_KEY': os.environ['SECRET'], + 'DEBUG': False, + 'OIDC_CLIENT_SECRETS': json.loads(os.environ['CLIENT_SECRETS']), + 'OIDC_ID_TOKEN_COOKIE_SECURE': False, + 'OIDC_USER_INFO_ENABLED': True, + 'OIDC_OPENID_REALM': 'hottis', + 'OIDC_SCOPES': ['openid', 'email', 'profile'] }) +oidc = OpenIDConnect(app) + + # Datenbankverbindung konfigurieren def get_db_connection(): conn = sqlite3.connect('nutrition.db') # 'nutrition.db' ist der Name der Datenbankdatei 
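Review bot: The new `redirect_uris` entry `http://localhost:8080/*` is a plain-HTTP wildcard callback on localhost, in a file under deployment/, while the Ingress in this same commit serves the app at nutri.hottis.de over TLS. If this list is what gets registered with or sent to the identity provider, the deployed login round-trip either fails or the client ends up allowing a non-TLS wildcard callback. I would keep `"https://nutri.hottis.de/*"` here, ideally narrowed to the exact callback path instead of `/*`, and put the localhost value in a separate development config. The unchanged `auth_uri` line in this hunk reads `/ealms/hottis/`, which looks like a typo for `/realms/hottis/` as used by the other three endpoints.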
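Review bot: `'OIDC_ID_TOKEN_COOKIE_SECURE': False` lets the ID-token cookie travel over plain HTTP, although the deployment in this commit terminates TLS at the Ingress for nutri.hottis.de. I would set it to `True` for the deployed configuration, or read it from the environment so that only local development relaxes it. `ProxyFix` is imported, but no `app.wsgi_app = ProxyFix(app.wsgi_app, x_proto=1, x_host=1)` call appears in the visible hunks; if it is missing elsewhere too, Flask will not see the forwarded scheme and host behind the Ingress, and generated callback URLs may come out as http. `os.environ['SECRET']` and `os.environ['CLIENT_SECRETS']` raise a bare KeyError at import when unset, so a comment naming the two required variables would help whoever deploys this.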
@@ -13,42 +26,42 @@ def get_db_connection(): return conn -def init_db(): - conn = get_db_connection() - cursor = conn.cursor() - - # Erstellen der Tabelle - cursor.execute(''' - CREATE TABLE IF NOT EXISTS nutrition_table ( - id INTEGER PRIMARY KEY, - name TEXT NOT NULL, - kcal REAL, - EW REAL, - Fett REAL, - KH REAL, - BST REAL, - CA REAL - ) - ''') - - # Testdaten einfügen - test_data = [ - ('Apfel', 52, 0.3, 0.2, 14, 0.2, 6), - ('Banane', 89, 1.1, 0.3, 23, 0.3, 5), - ('Karotte', 41, 0.9, 0.2, 10, 0.2, 3), - ('Tomate', 18, 0.9, 0.2, 3.9, 0.2, 4), - ('Brokkoli', 34, 2.8, 0.4, 6.6, 0.4, 2), - ('Spinat', 23, 2.9, 0.4, 3.6, 0.4, 99), - ('Kartoffel', 77, 2, 0.1, 17, 0.1, 12), - ('Huhn', 239, 27, 14, 0, 0, 2), - ('Lachs', 208, 20, 13, 0, 0, 1), - ('Ei', 155, 13, 11, 1.1, 1, 1) - ] - - cursor.executemany('INSERT INTO nutrition_table (name, kcal, EW, Fett, KH, BST, CA) VALUES (?, ?, ?, ?, ?, ?, ?)', test_data) - - conn.commit() - conn.close() +#def init_db(): +# conn = get_db_connection() +# cursor = conn.cursor() +# +# # Erstellen der Tabelle +# cursor.execute(''' +# CREATE TABLE IF NOT EXISTS nutrition_table ( +# id INTEGER PRIMARY KEY, +# name TEXT NOT NULL, +# kcal REAL, +# EW REAL, +# Fett REAL, +# KH REAL, +# BST REAL, +# CA REAL +# ) +# ''') +# +# # Testdaten einfügen +# test_data = [ +# ('Apfel', 52, 0.3, 0.2, 14, 0.2, 6), +# ('Banane', 89, 1.1, 0.3, 23, 0.3, 5), +# ('Karotte', 41, 0.9, 0.2, 10, 0.2, 3), +# ('Tomate', 18, 0.9, 0.2, 3.9, 0.2, 4), +# ('Brokkoli', 34, 2.8, 0.4, 6.6, 0.4, 2), +# ('Spinat', 23, 2.9, 0.4, 3.6, 0.4, 99), +# ('Kartoffel', 77, 2, 0.1, 17, 0.1, 12), +# ('Huhn', 239, 27, 14, 0, 0, 2), +# ('Lachs', 208, 20, 13, 0, 0, 1), +# ('Ei', 155, 13, 11, 1.1, 1, 1) +# ] +# +# cursor.executemany('INSERT INTO nutrition_table (name, kcal, EW, Fett, KH, BST, CA) VALUES (?, ?, ?, ?, ?, ?, ?)', test_data) +# +# conn.commit() +# conn.close() 
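Review bot: The disabled `init_db` stays in the file as roughly forty commented-out lines; version control already keeps the old body, so it is cleaner to delete it or move schema creation and seed rows into a separate setup script. With it gone, nothing in the visible hunks creates `nutrition_table`. Unless the table is set up elsewhere, a one-line comment near `get_db_connection` would document the new precondition, for example `# nutrition.db must already contain nutrition_table; the app no longer creates it`.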
@@ -80,12 +93,14 @@ def calculate_nutrition(food, weight): # Index-Route @app.route('/') +@oidc.require_login def index(): return render_template('index.html') # ... @app.route('/get_products') +@oidc.require_login def get_products(): conn = get_db_connection() cursor = conn.cursor() @@ -95,13 +110,13 @@ def get_products(): print("ter") return {'products': [product[0] for product in products]} -# ... # Route zum Hinzufügen und Berechnen von Lebensmitteln @app.route('/add_lm', methods=['GET']) +@oidc.require_login def add_lm(): food = request.args.get('food') weight = float(request.args.get('weight')) @@ -125,6 +140,7 @@ def add_lm(): @app.route('/add_nutrition', methods=['POST']) +@oidc.accept_token(require_token=True, scopes_required=['openid']) def add_nutrition(): food = request.form.get('food') kcal = float(request.form.get('kcal')) @@ -147,6 +163,7 @@ def add_nutrition(): @app.route('/nutrition') +@oidc.require_login def nutrition(): return render_template('nutrition.html')
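Review bot: In `add_lm`, `float(request.args.get('weight'))` raises TypeError when the parameter is absent and ValueError when it is not numeric, so a logged-in user gets a 500 instead of a client error. Consider `weight = request.args.get('weight', type=float)` followed by a 400 response when it is `None`. The same pattern appears as `float(request.form.get('kcal'))` in `add_nutrition` in the next hunk. The stray `print("ter")` in `get_products` looks like leftover debug output and could go in the same pass. `add_lm` continues beyond the hunk.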
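Review bot: `add_nutrition` is the only route guarded by `@oidc.accept_token(require_token=True, scopes_required=['openid'])`, while `/nutrition`, the page that presumably posts to it, uses the cookie-based `@oidc.require_login`. A plain form POST from that page carries the session cookie but no bearer token, so it would be rejected unless client script attaches one; if the form is the only caller, `@oidc.require_login` would match the other routes. Also, `openid` is requested for every login through `OIDC_SCOPES`, so this check authenticates the caller but does not restrict who may write to the table; limiting writes would need a role or group check, which is not visible here. The function body continues outside the hunk.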